Merge pull request #10336 from Bond-009/authorization
This commit is contained in:
commit
cf806ddcaa
|
@ -49,14 +49,13 @@ namespace Jellyfin.Server.Implementations.Security
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets the authorization.
|
/// Gets the authorization.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="httpReq">The HTTP req.</param>
|
/// <param name="httpContext">The HTTP context.</param>
|
||||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
||||||
private async Task<AuthorizationInfo> GetAuthorization(HttpContext httpReq)
|
private async Task<AuthorizationInfo> GetAuthorization(HttpContext httpContext)
|
||||||
{
|
{
|
||||||
var auth = GetAuthorizationDictionary(httpReq);
|
var authInfo = await GetAuthorizationInfo(httpContext.Request).ConfigureAwait(false);
|
||||||
var authInfo = await GetAuthorizationInfoFromDictionary(auth, httpReq.Request.Headers, httpReq.Request.Query).ConfigureAwait(false);
|
|
||||||
|
|
||||||
httpReq.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
httpContext.Request.HttpContext.Items["AuthorizationInfo"] = authInfo;
|
||||||
return authInfo;
|
return authInfo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -80,7 +79,6 @@ namespace Jellyfin.Server.Implementations.Security
|
||||||
auth.TryGetValue("Token", out token);
|
auth.TryGetValue("Token", out token);
|
||||||
}
|
}
|
||||||
|
|
||||||
#pragma warning disable CA1508 // string.IsNullOrEmpty(token) is always false.
|
|
||||||
if (string.IsNullOrEmpty(token))
|
if (string.IsNullOrEmpty(token))
|
||||||
{
|
{
|
||||||
token = headers["X-Emby-Token"];
|
token = headers["X-Emby-Token"];
|
||||||
|
@ -118,7 +116,6 @@ namespace Jellyfin.Server.Implementations.Security
|
||||||
// Request doesn't contain a token.
|
// Request doesn't contain a token.
|
||||||
return authInfo;
|
return authInfo;
|
||||||
}
|
}
|
||||||
#pragma warning restore CA1508
|
|
||||||
|
|
||||||
authInfo.HasToken = true;
|
authInfo.HasToken = true;
|
||||||
var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false);
|
var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false);
|
||||||
|
@ -219,24 +216,7 @@ namespace Jellyfin.Server.Implementations.Security
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets the auth.
|
/// Gets the auth.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="httpReq">The HTTP req.</param>
|
/// <param name="httpReq">The HTTP request.</param>
|
||||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
|
||||||
private static Dictionary<string, string>? GetAuthorizationDictionary(HttpContext httpReq)
|
|
||||||
{
|
|
||||||
var auth = httpReq.Request.Headers["X-Emby-Authorization"];
|
|
||||||
|
|
||||||
if (string.IsNullOrEmpty(auth))
|
|
||||||
{
|
|
||||||
auth = httpReq.Request.Headers[HeaderNames.Authorization];
|
|
||||||
}
|
|
||||||
|
|
||||||
return auth.Count > 0 ? GetAuthorization(auth[0]) : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/// <summary>
|
|
||||||
/// Gets the auth.
|
|
||||||
/// </summary>
|
|
||||||
/// <param name="httpReq">The HTTP req.</param>
|
|
||||||
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
/// <returns>Dictionary{System.StringSystem.String}.</returns>
|
||||||
private static Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
|
private static Dictionary<string, string>? GetAuthorizationDictionary(HttpRequest httpReq)
|
||||||
{
|
{
|
||||||
|
|
|
@ -15,8 +15,8 @@ namespace Jellyfin.Server.Integration.Tests
|
||||||
{
|
{
|
||||||
public static class AuthHelper
|
public static class AuthHelper
|
||||||
{
|
{
|
||||||
public const string AuthHeaderName = "X-Emby-Authorization";
|
public const string AuthHeaderName = "Authorization";
|
||||||
public const string DummyAuthHeader = "MediaBrowser Client=\"Jellyfin.Server Integration Tests\", DeviceId=\"69420\", Device=\"Apple II\", Version=\"10.8.0\"";
|
public const string DummyAuthHeader = "MediaBrowser Client=\"Jellyfin.Server%20Integration%20Tests\", DeviceId=\"69420\", Device=\"Apple%20II\", Version=\"10.8.0\"";
|
||||||
|
|
||||||
public static async Task<string> CompleteStartupAsync(HttpClient client)
|
public static async Task<string> CompleteStartupAsync(HttpClient client)
|
||||||
{
|
{
|
||||||
|
@ -27,16 +27,19 @@ namespace Jellyfin.Server.Integration.Tests
|
||||||
using var completeResponse = await client.PostAsync("/Startup/Complete", new ByteArrayContent(Array.Empty<byte>()));
|
using var completeResponse = await client.PostAsync("/Startup/Complete", new ByteArrayContent(Array.Empty<byte>()));
|
||||||
Assert.Equal(HttpStatusCode.NoContent, completeResponse.StatusCode);
|
Assert.Equal(HttpStatusCode.NoContent, completeResponse.StatusCode);
|
||||||
|
|
||||||
using var content = JsonContent.Create(
|
using var httpRequest = new HttpRequestMessage(HttpMethod.Post, "/Users/AuthenticateByName");
|
||||||
|
httpRequest.Headers.TryAddWithoutValidation(AuthHeaderName, DummyAuthHeader);
|
||||||
|
httpRequest.Content = JsonContent.Create(
|
||||||
new AuthenticateUserByName()
|
new AuthenticateUserByName()
|
||||||
{
|
{
|
||||||
Username = user!.Name,
|
Username = user!.Name,
|
||||||
Pw = user.Password,
|
Pw = user.Password,
|
||||||
},
|
},
|
||||||
options: jsonOptions);
|
options: jsonOptions);
|
||||||
content.Headers.Add("X-Emby-Authorization", DummyAuthHeader);
|
|
||||||
|
|
||||||
using var authResponse = await client.PostAsync("/Users/AuthenticateByName", content);
|
using var authResponse = await client.SendAsync(httpRequest);
|
||||||
|
authResponse.EnsureSuccessStatusCode();
|
||||||
|
|
||||||
var auth = await JsonSerializer.DeserializeAsync<AuthenticationResultDto>(
|
var auth = await JsonSerializer.DeserializeAsync<AuthenticationResultDto>(
|
||||||
await authResponse.Content.ReadAsStreamAsync(),
|
await authResponse.Content.ReadAsStreamAsync(),
|
||||||
jsonOptions);
|
jsonOptions);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user